Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e6e6ac45 by Salvatore Bonaccorso at 2024-07-09T20:53:52+02:00
Add CVE-2024-39695/exiv2
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -230,7 +230,11 @@ CVE-2024-39701 (Directus is a real-time API and App
dashboard for managing SQL d
CVE-2024-39699 (Directus is a real-time API and App dashboard for managing SQL
databas ...)
NOT-FOR-US: Directus
CVE-2024-39695 (Exiv2 is a command-line utility and C++ library for reading,
writing, ...)
- TODO: check
+ - exiv2 <not-affected> (Vulnerable code not present)
+ NOTE:
https://github.com/Exiv2/exiv2/security/advisories/GHSA-38rv-8x93-pvrh
+ NOTE: https://github.com/Exiv2/exiv2/pull/3006
+ NOTE: Introduced after:
https://github.com/Exiv2/exiv2/commit/cb7a48f84aeb30251caae909901555dffa4e9fcb
(v0.28.0)
+ NOTE: Fixed by:
https://github.com/Exiv2/exiv2/commit/3a28346db5ae1735a8728fe3491b0aecc1dbf387
(v0.28.3)
CVE-2024-39677 (NHibernate is an object-relational mapper for the .NET
framework. A SQ ...)
TODO: check
CVE-2024-39312 (Botan is a C++ cryptography library. X.509 certificates can
identify e ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e6e6ac45a618471bca6adb03dea8d5682d3afc6a
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e6e6ac45a618471bca6adb03dea8d5682d3afc6a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
